This job offer is not available in your country.

▷ [Only 24h Left] Senior Application Security Engineer

NopalCyberIndia

14 hours ago

Job description

About NopalCyber

NopalCyber makes cybersecurity manageable, affordable, reliable, and powerful for companies that need to be resilient and compliant. Through Managed Extended Detection and Response (MXDR), Attack Surface Management (ASM), Breach and Attack Simulation (BAS), and Advisory Services, we fortify our clients’ cybersecurity across both offense and defence.

Our AI-driven Nopal360° platform, NopalGo mobile app, and proprietary Cyber Intelligence Quotient (CIQ) enable organizations to quantify, track, and visualize their cybersecurity posture in real time. We democratize enterprise-grade security operations for organizations of all sizes by lowering the barrier to entry while raising the bar for security and service.

Location : Nopal Cyber, Hyderabad (Work from Office, 5 Days a Week)

Employment Type : Full-time

Key Responsibilities

Run Static Application Security Testing (SAST) using tools such as SonarQube, Fortify, Checkmarx, Veracode, etc., to identify source-code vulnerabilities across multiple languages and frameworks (Java, .NET, Python, JavaScript, etc.).
Configure and execute SAST scans, fine-tune rules, manage false positives, and integrate scans into CI / CD pipelines.
Perform Dynamic Application Security Testing (DAST) (authenticated and unauthenticated) on web apps, APIs, and services; analyse results and validate findings.
Combine SAST and DAST outputs to provide holistic vulnerability coverage and support secure SDLC initiatives.
Plan and conduct Vulnerability Assessment and Penetration Testing (VAPT) for web applications, APIs, and backend services to identify business logic, configuration, and runtime flaws.
Map VAPT findings back to code-level issues discovered in SAST to close the loop with development teams.
Work with developers and DevSecOps engineers to remediate vulnerabilities and embed security testing into build pipelines.
Use Software Composition Analysis (SCA) tools such as Snyk, White Source, Nexus Lifecycle, Black Duck to identify open-source and third-party risks (vulnerabilities, license issues, outdated components).
Generate, validate, and manage Software Bills of Materials (SBOMs) in formats like CycloneDX and SPDX to strengthen software supply chain security.
Monitor transitive dependencies and unverified sources to prevent supply-chain compromise.
Apply secure coding principles aligned with OWASP Top 10, CWE, and language-specific security pitfalls.

Required Skills & Experience

8–12 years of experience in Application Security with direct, hands-on expertise in SAST, DAST, SCA, and VAPT.

Strong knowledge of secure software development practices and common vulnerability classes (OWASP Top 10, CWE, ASVS, language-specific security pitfalls).

Hands-on experience integrating security testing into CI / CD pipelines (Jenkins, Azure DevOps, GitLab CI, GitHub Actions).

Practical expertise with SAST tools (SonarQube, Fortify, Checkmarx, Veracode) and SCA tools (Snyk, White Source, Nexus Lifecycle, Black Duck).

Working knowledge of security architecture frameworks (e.g., SABSA) and threat modeling methodologies (e.g., STRIDE, attack trees) to support risk-based application security design and assessment.

Ability to validate and triage false positives, priorities vulnerabilities, and provide actionable remediation guidance to developers.

Ability to develop and present detailed application security assessment reports, code-level remediation plans, and secure coding guidance aligned with industry standards and compliance requirements.

Strong communication skills to convey technical findings to technical and executive stakeholders.

Educational Qualifications

Bachelor’s degree in engineering, Computer Science, or related discipline.

CEH Certification (Mandatory) plus one or more advanced certifications :

EC-Council Certified Application Security Engineer (CASE – Java / .NET)

GIAC Secure Software Programmer (GSSP – Java / .NET)

Programming language-neutral certifications like CSSLP.

Personal attributes

Self-starter and quick learner requiring minimal ramp-up

Excellent written, oral, and interpersonal communication skills

Highly self-motivated, self-directed, and attentive to detail

Ability to effectively prioritize and execute tasks in a high-pressure environment

Create a job alert for this search

Only 24H Left Senior • India

Related jobs

Promoted

Lead Security Engineer

ArcanaNagpur, IN

As our Lead Security Engineer, you'll own and elevate Arcana's overall security posture - cloud, on-prem, and everything in between. You'll design and enforce policies, automate controls, and harden...Show moreLast updated: 30+ days ago

Promoted

Cyber Security Engineer

Nexoria Techworks Inc.nagpur, maharashtra, in

Job Description : Cybersecurity Engineer.Cybersecurity, Information Security, Threat Management.Your core responsibilities will include : . Implement security measures to proactively identify and mitig...Show moreLast updated: 3 days ago

Promoted

Nextgen Healthcare - Senior Security Engineer

Nextgen HealthcareIndia

Job Description : - Develop and maintain security tooling, guidelines, and standards for the Security Engineering team.Participate in threat intelligence and forensic...Show moreLast updated: 30+ days ago

Promoted

Lead Security Engineer

interface.ainagpur, maharashtra, in

Our cutting-edge Generative AI-powered platform serves over 100 banks and credit unions, delivering hyper-personalized customer interactions across voice, chat, and employee-assisting solutions.To ...Show moreLast updated: 30+ days ago

Promoted

Senior Application Security Engineer

AtomicworkIndia

About Atomicwork Atomicwork is reimagining IT and workplace operations by putting employees at the center of the experience. With a strong emphasis on automation, integration, and security, Atomicwo...Show moreLast updated: 14 days ago

Promoted

Senior Application Security Engineer (AI)

BackbaseIndia

The Job in short Backbase has ushered in a new era of digital banking with the global launch of its AI-powered Banking Platform, recently lighting up Times Square. This milestone marks a bold step i...Show moreLast updated: 13 days ago

Promoted

Application Security Engineer

Castellum LabsIndia

Castellum Labs is a Next Gen Cyber Security Technology Venture that started in 2018, from Hyderabad, India with global ambitions, to change the cybersecurity service model.The company's vision is t...Show moreLast updated: 3 days ago

Promoted

Senior Detection Engineer - MITRE ATT&CK framework - XDR - EDR - AI - Cyber Security Startup - Remote - CTC INR 50 L

CareerXperts Consultingnagpur, maharashtra, in

Remote

This role goes beyond traditional detection engineering : you’ll help improve and build our.AI feedback, and quantify detection efficacy at enterprise scale. Design and maintain modular, high-fideli...Show moreLast updated: 3 days ago

Promoted
New!

15h Left : Senior Application Security Engineer

MOURI TechIndia

We are seeking a highly skilled DevSecOps Engineer with a strong background in application security, penetration testing, and secure development practices. The ideal candidate will bring hands-on ex...Show moreLast updated: 2 hours ago

Promoted
New!

(Only 24h Left) Senior Application Security Engineer (AI)

BackbaseIndia

Backbase has ushered in a new era of digital banking with the global launch of its AI-powered Banking Platform, recently lighting up Times Square. This milestone marks a bold step in reshaping the d...Show moreLast updated: 2 hours ago

Promoted

Lead Application Security Engineer

InMobi AdvertisingIndia

About Us InMobi is the leading provider of content, monetization, and marketing technologies that fuel growth for industries around the world. Our end-to-end advertising software platform, connected...Show moreLast updated: 30+ days ago

Promoted
New!

Immediate Start! Senior Application Security Engineer

AtomicworkIndia

Atomicwork is reimagining IT and workplace operations by putting employees at the center of the experience.With a strong emphasis on automation, integration, and security, Atomicwork helps organiza...Show moreLast updated: 2 hours ago

Promoted

Application Security Engineer

FoodsmartNagpur, IN

Foodsmart is the leading telenutrition and foodcare solution, backed by a robust network of Registered Dietitians.Our platform is designed to foster healthier food choices, drive lasting behavior c...Show moreLast updated: 1 day ago

Promoted

Cyber Security Engineer

Paramount Computer SystemsNagpur, IN

Identity Governance and Administration (IGA).The role involves designing, implementing, and supporting enterprise-grade IGA solutions to ensure secure, efficient, and compliant identity lifecycle m...Show moreLast updated: 14 days ago

Promoted

Senior Application Security Engineer

MOURI TechIndia

Promoted

Senior Application Security Engineer

NopalCyberIndia

Promoted

Senior Application Security Engineer

QualiZealIndia

Conduct Static Application Security Testing (SAST) and Software Composition Analysis (SCA) - Perform Dynamic Application Security Testing (DAST) and Interactive Application Security Testing (IAST) ...Show moreLast updated: 30+ days ago

Promoted

Security Engineer (Detection and Response)

FoodsmartNagpur, IN

Promoted

Senior Security Engineer

ConfidentialIndia

There are NO limits to your career : come shape the future and be part of a truly unique global culture at OutSystems!.As a Security Engineer, Application Security at OutSystems, you will be the goa...Show moreLast updated: 28 days ago

Promoted

Enterprise Applications Security Engineer

AviatrixIndia

WHO WE ARE : For enterprises struggling to secure cloud workloads, Aviatrix® offers a single solution for pervasive cloud security. Where current cybersecurity approaches focus on securing entry poin...Show moreLast updated: 3 days ago